General
-
Target
9236435a5d3d3348ad69b8af556528e5507594d309190c4e52a7b8fcb95b02e7
-
Size
4.2MB
-
Sample
230206-gbkwqsff3z
-
MD5
bf38bf13ef6960fc354b501d7d6484f9
-
SHA1
f115dff73fda57a246d995785f16501cb92243b5
-
SHA256
9236435a5d3d3348ad69b8af556528e5507594d309190c4e52a7b8fcb95b02e7
-
SHA512
bf741f22b2a19886c041f7e6e3e0fd731b8d8e1cab17acf758311da8d32d0c80655d8f6e6f32ec17cc9fa6de97ff370ae6dfd09d35b96427720073f0569ca0d1
-
SSDEEP
98304:CLx3cnDwn9/ByHY2hoo1qBSZhw3LfPL3VhPwCu9j/P08dL1RYnLvP0D0n:CLxMe/By42hCSUjTFRw99QgLLCvMo
Static task
static1
Malware Config
Targets
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-